Directory traversal vulnerability in Home Ftp Server 1.0.7 allows remote authenticated users to read arbitrary files via "C:\" (Windows drive letter) sequences in commands such as (1) LIST or (2) RETR.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ari_pikivirta | home_ftp_server | 1.0.7_b45 |
Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ari_pikivirta | home_ftp_server | 1.0.7_b45 |
Ari Pikivirta Home Ftp Server 1.0.7 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ari_pikivirta | home_ftp_server | 1.0.7 |